On Mon, 8 May 2000, Dave Dykstra wrote:
> On Sun, May 07, 2000 at 12:54:28PM -0700, Eric J. Schwertfeger wrote:
> > On Sun, 7 May 2000, Markus Friedl wrote:
> >
> > > The RSA patent problem applies:
> > > only in the US
> > > only for commercial use
> > > only until September 20th, 2000.
>
> Add to the list:
> only for people who don't want to use RSAREF (which is free for
> anybody who is not selling software that contains it)
Not quite true. Quoting info.txt:
o RSAREF, RSAREF applications, and services based on
RSAREF applications may not be sold.
The exact meaning of this is quite debateable, but remote maintenance of
mail servers/web servers/firewalls for sites that you charge for
remote maintenance via ssh, or if that service comes bundled with some
other product that is sold, will probably fall under "services based on
RSAREF." If you're doing the same for inhouse servers, it probably doesn't
cover it, since you're not selling that as a service.
I'm not a lawyer, so I could be wrong, but I do follow this argument, not
just here, but in reference to OpenSSL as well. There isn't a single,
obviously right answer, and when it comes to getting my employers (one of
whom is my best friend) in trouble, I'm going to err on the side of
cautiousness.
